
Device and method for detecting command and control channel

Command and control channel technology, applied in the fields of transmission, electrical equipment, etc. It can solve the problems of destroying the system, hacking information, and the maintenance of the command and control channel, and achieves the effect of efficient processing.

Active Publication Date: 2017-01-12
NARU SECURITY
1 Cites, 4 Cited by

AI Technical Summary

Benefits of technology

The present invention allows for analyzing communication sessions to detect malicious access. This can help identify attacks without a signature and can also help with detecting gradual and precise attacks on an internal network. Additionally, the invention can detect modified attacks or encrypted traffic, regardless of the method used for the attack.

Problems solved by technology

An attacker remains in the targeted network for several months, collecting information, attacking the internal network, destroying the system, and hacking information.
In particular, in recent attacks the command and control channel is not maintained continuously; instead, the internal network device compromised by the attacker periodically attempts to access the attacker's system outside the network to generate a command and control channel.
However, such a detection method detects known malicious behavior, so it only detects low-level attacks that copy previously used attack methods and has difficulty detecting attacks that use new command and control channels.



Examples


Embodiment Construction

[0032] In the following detailed description, only certain exemplary embodiments of the present invention have been shown and described, simply by way of illustration. As those skilled in the art would realize, the described embodiments may be modified in various different ways, all without departing from the spirit or scope of the present invention. Accordingly, the drawings and description are to be regarded as illustrative in nature and not restrictive. Like reference numerals designate like elements throughout the specification.

[0033] Throughout the specification, unless explicitly described to the contrary, the word “comprise” and variations such as “comprises” or “comprising” will be understood to imply the inclusion of stated elements but not the exclusion of any other elements.

[0034] A device and method for detecting a command and control channel according to an exemplary embodiment of the present invention will now be described with reference to accompanying drawings.

[0035]FIG...


Abstract

A device for detecting a command and control channel includes: a session log collector for collecting log information of sessions generated between at least one communication device of the first network and at least one communication device of the second network; an analyzer for generating test data for respective sessions based on the log information, and calculating a test data distribution based on test data of the sessions; and a determiner for extracting a test data value corresponding to an abnormal distribution from the test data distribution based on an abnormal distribution determination standard, and estimating sessions relating to the extracted test data value as a command and control channel.
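
The pipeline in the abstract (collect session logs, derive test data per session, build a distribution, flag the values that are abnormal), sketched as an added example that is not code from the patent or from NARU SECURITY. The log fields, the use of the inter-session interval as test data, the 10-second bucket and the count threshold are all assumptions; the page does not specify them.

```python
from collections import Counter, defaultdict
from statistics import median

def build_sample_log():
    """Constructed session log: (start_epoch_s, internal_host, external_host)."""
    log, t = [], 0
    for gap in (0, 7, 95, 410, 33, 1280, 64, 222, 871, 19, 540, 151):
        t += gap                                   # irregular, user-driven traffic
        log.append((t, "10.0.0.5", "198.51.100.20"))
    t = 50
    for gap in (0, 130, 12, 760, 48, 305, 999, 27):
        t += gap
        log.append((t, "10.0.0.8", "198.51.100.31"))
    for i in range(10):                            # periodic access with small jitter
        log.append((1000 + 300 * i + (i % 3), "10.0.0.7", "203.0.113.9"))
    return log

def interval_test_data(log, width=10):
    """Assumed test data: gap to the previous session of the same
    (internal, external) pair, rounded to the nearest `width` seconds."""
    last, out = {}, []
    for start, src, dst in sorted(log):
        pair = (src, dst)
        if pair in last:
            gap = start - last[pair]
            out.append((pair, start, (gap + width // 2) // width * width))
        last[pair] = start
    return out

def abnormal_values(test_data, k=5, min_count=5):
    """Assumed abnormality standard: a value is abnormal when its session
    count is at least min_count and at least k times the median count."""
    dist = Counter(value for _, _, value in test_data)
    base = median(dist.values())
    return {v for v, c in dist.items() if c >= min_count and c >= k * base}

def estimate_c2(log):
    """Map each (internal, external) pair to the sessions whose test value
    falls on an abnormal part of the distribution."""
    data = interval_test_data(log)
    bad = abnormal_values(data)
    hits = defaultdict(list)
    for pair, start, value in data:
        if value in bad:
            hits[pair].append(start)
    return dict(hits)

if __name__ == "__main__":
    for pair, sessions in estimate_c2(build_sample_log()).items():
        print(pair, len(sessions), "sessions on an abnormal interval")
```

No signature or payload inspection is involved, so the same logic applies to encrypted sessions; only the timing metadata in the log is used.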

Description

TECHNICAL FIELD

[0001] The present invention relates to a device and method for detecting a command and control channel.

BACKGROUND ART

[0002] Recently, various sorts of target attacks such as a denial of service (DoS) attack, personal information hacking, financial agencies hacking, and cyber terrors have been increasing, starting from the distributed denial of service (DDoS) attack. There are various kinds of attackers and attacking methods, and what they have in common is that a point outside the network to be attacked is connected to the inside of that network by a command and control channel, through which the attack is performed.

[0003] The attack through the command and control channel represents an advanced persistent attack. An attacker remains in the network to be attacked for several months, collecting information, attacking the internal network, destroying the system, and hacking information. The network to be attacked is generally protected by a firewall or an int...


Application Information

IPC(8): H04L29/06
CPC: H04L2463/142, H04L63/1425, H04L63/1458
Inventor: KIM, HYUKJOON
Owner: NARU SECURITY